Syncing Passwords to the Cloud: Sign of the Apocalypse?
Saturday, December 26, 2009 at 06:52PM

So Pamela Dingle and Patrick Harding have been kicking around a discussion about the potential security liability of synchronizing enterprise passwords out to cloud applications. You should go read the whole thing, but the CliffsNotes version goes like this:
Giving away the shared secret that (for better or worse) is often the key to your internal Windows domain, and to anything linked into that domain, is a really stupid idea.
It’s an interesting premise, and rather flies in the face of the ILM/FIM integrator school of thought that says “I don’t care where your identities are, I’ll give you SSO by syncing everything everywhere.”
Now, clearly this argument resonates strongly with a Fed Zealot like me (and Pamela, and Patrick), since one of the benefits of the claims model is the fact that AuthN, and passwords by extension, are handled locally by the user’s authentication source rather than being shipped out to a bunch of connected systems. And, if you’re not BP (or maybe even if you are), one of the issues with the move to the Cloud is that it’s very much a “black box” environment, where local IT has no actual control over how anything is administered, secured, or controlled. (Of course, the assumption here is that you’ve done due diligence on your Cloud vendor on these matters prior to porting your apps out to them.)